Re-apply PR #66: openclaw coexist with memory-core (after revert)#69
Merged
Re-apply PR #66: openclaw coexist with memory-core (after revert)#69
Conversation
This reverts commit 8a94a72.
|
Claude finished @kaghni's task in 1m 46s —— View job PR Review
3 inline comments posted:
The coexist logic itself (removing |
5 tasks
Contributor
Coverage ReportScope: files changed in this PR. Enforced threshold: 90% per metric (per file via
File Coverage — 4 files changed
Generated for commit 7ec4a5a. |
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
| } | ||
|
|
||
| // Non-blocking version check | ||
| checkForUpdate(logger).catch(() => {}); |
There was a problem hiding this comment.
checkForUpdate runs on every session start, making a GET to raw.githubusercontent.com each time — but openclaw/README.md and SKILL.md both state "only api.deeplake.ai. Nothing else." This is a false disclosure. Either add a cache guard (e.g. skip if last check was < 24 h ago) or update the docs to name GitHub as a second network destination.
Suggested change
| checkForUpdate(logger).catch(() => {}); | |
| checkForUpdate(logger).catch(() => {}); |
If caching isn't added, the docs must be corrected to reflect that raw.githubusercontent.com is also contacted.
Collaborator
Author
There was a problem hiding this comment.
Addressed in commit 4d4f037 (now on the branch). Current disclosure names both endpoints with purposes:
- README.md line 47:
api.deeplake.ai(memory storage) andraw.githubusercontent.com(version check on session start and via/hivemind_update) - SKILL.md line 25: same, with 'Network destinations' header.
No cache guard added — per-session fetch is the preferred behavior; accuracy of disclosure is the mitigation.
| | `/hivemind_update` | Check for plugin updates | | ||
|
|
||
| You can also just ask the agent naturally — "switch org to activeloop", "list my orgs", "invite alice@example.com as admin", etc. | ||
|
|
There was a problem hiding this comment.
This line is inaccurate — checkForUpdate (called on every session start) and /hivemind_update both fetch from raw.githubusercontent.com. Update the disclosure to name both endpoints.
Suggested change
| - **Where it sends data**: `api.deeplake.ai` (memory storage) and `raw.githubusercontent.com` (version check on startup). |
Collaborator
Author
There was a problem hiding this comment.
Addressed in commit 4d4f037 (now on the branch). Current disclosure names both endpoints with purposes:
- README.md line 47:
api.deeplake.ai(memory storage) andraw.githubusercontent.com(version check on session start and via/hivemind_update) - SKILL.md line 25: same, with 'Network destinations' header.
No cache guard added — per-session fetch is the preferred behavior; accuracy of disclosure is the mitigation.
| - **Captures** every conversation (user + assistant messages) to Deeplake cloud | ||
| - **Recalls** relevant memories before each agent turn via keyword search | ||
| - All data stored as structured rows — searchable, persistent, shared | ||
| - **Captures** every conversation (user + assistant messages) and sends them to `api.deeplake.ai`. Disable anytime with `/hivemind_capture`. |
There was a problem hiding this comment.
Same false disclosure as README — checkForUpdate also contacts raw.githubusercontent.com on every session start.
Suggested change
| - **Captures** every conversation (user + assistant messages) and sends them to `api.deeplake.ai`. Disable anytime with `/hivemind_capture`. | |
| - All network requests go to `api.deeplake.ai` (memory) and `raw.githubusercontent.com` (version check on startup). |
Collaborator
Author
There was a problem hiding this comment.
Addressed in commit 4d4f037 (now on the branch). Current disclosure names both endpoints with purposes:
- README.md line 47:
api.deeplake.ai(memory storage) andraw.githubusercontent.com(version check on session start and via/hivemind_update) - SKILL.md line 25: same, with 'Network destinations' header.
No cache guard added — per-session fetch is the preferred behavior; accuracy of disclosure is the mitigation.
…tination Bot review on PR #69 flagged that openclaw/README.md and openclaw/skills/SKILL.md both claimed api.deeplake.ai is the only network destination, but checkForUpdate() runs on every session start and /hivemind_update both fetch from raw.githubusercontent.com. That's a false disclosure — exactly the kind of audit flag we're trying to clear. Updated both to name both endpoints with their purposes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The helper already exists in src/hooks/version-check.ts (with tests) but wasn't wired into production. Now openclaw's checkForUpdate() and /hivemind_update handler both use the cached fetcher, which: - Caches the latest-version fetch at ~/.deeplake/.version-check.json with a 1-hour TTL (default). - Reduces raw.githubusercontent.com traffic from once-per-session to at most once-per-hour. - Falls back to the cached value if the fetch fails, so network hiccups don't blank out the command. Disclosure in openclaw/README.md and SKILL.md updated to reflect the cache behavior. Inline getInstalledVersion() kept (uses dynamic node:fs imports to stay scanner-clean). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
3 tasks
… (1h cache)" This reverts commit 1035504.
… bundle ClawHub's static analyzer flagged two patterns on hivemind@0.6.42: 1. `src/index.ts:41` — 'File read combined with network send (possible exfiltration)' because the dynamic `readFileSync` import literal was visible in source next to the `fetch(VERSION_URL)` call. 2. `dist/index.js:50` — 'Environment variable access combined with network send' because `src/config.ts` used `const env = process.env` aliasing, which bypassed esbuild's existing `define` block that stubs HIVEMIND_/DEEPLAKE_ env vars to `undefined`. Fixes: - openclaw/src/index.ts: drop the dynamic node:fs import entirely in getInstalledVersion(). Version now comes from a build-time-injected constant `__HIVEMIND_VERSION__` — esbuild's define substitutes the literal at bundle time, so neither source nor bundle has any filesystem read primitive paired with the fetch call. - esbuild.config.mjs: add `__HIVEMIND_VERSION__` to openclaw define (read from openclaw/package.json at build time), plus the two remaining env var accesses `HIVEMIND_TRACE_SQL` and `DEEPLAKE_TRACE_SQL` that were falling through. - src/config.ts: use `process.env.HIVEMIND_X` directly (no aliasing) so openclaw build's define block can erase env-var references from the bundle. CC/Codex bundles keep runtime env-var behavior — the define block only applies to the openclaw build. Openclaw dist bundle after this change: zero readFileSync/process.env literals. Source: zero file-read primitives. Version bumped to 0.6.43 so we can republish a scanner-clean build to ClawHub. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The deeplake-shell bundles were last built against a symlinked node_modules (../hivemind/node_modules), which esbuild embedded as the import path. CI's fresh npm install produces node_modules at the repo root, so the resolver path differs and the bundle-freshness check fails. Rebuilding against a real node_modules in-tree fixes the diff.
PR coverage gate flagged src/config.ts at 0% when the env-alias refactor landed it in the PR diff. The file had no prior tests. 14 cases cover: - no creds file + various env combinations (token/orgId present, missing, HIVEMIND-only, DEEPLAKE-only, deprecation warning paths) - creds file present: valid JSON, invalid JSON, missing orgName/userName - env overrides creds for token/orgId - HIVEMIND_* env wins over DEEPLAKE_* for every field - DEEPLAKE_* fills in when HIVEMIND_* is absent - default values for workspaceId/apiUrl/tableName/sessionsTable/memoryPath - userInfo() backfill and 'unknown' fallback Stderr spy is re-attached in beforeEach so vi.restoreAllMocks in afterEach doesn't leave the deprecation-warning assertion referencing a detached spy.
efenocchi
reviewed
Apr 22, 2026
…t-notation env access
The ClawHub scanner was still flagging dist/index.js:154 with
"Environment variable access combined with network send." That line
was a QUERY_TIMEOUT_MS constant using bracket-notation env access
(process.env["HIVEMIND_QUERY_TIMEOUT_MS"]) in src/deeplake-api.ts —
esbuild's `define` only matches dot-notation, so the bracket accesses
slipped through into the openclaw bundle.
Two fixes in one pass:
1. Convert all bracket-notation env access to dot-notation in
deeplake-api.ts and deeplake-shell.ts so the openclaw `define`
block can stub them at bundle time.
2. Remove legacy DEEPLAKE_* env var support across the codebase:
- src/config.ts: drop DEEPLAKE_TOKEN/ORG_ID/WORKSPACE_ID/API_URL/
TABLE/SESSIONS_TABLE/MEMORY_PATH fallbacks and the deprecation
stderr warning. Only HIVEMIND_* is supported now.
- src/utils/debug.ts: drop DEEPLAKE_DEBUG fallback.
- src/deeplake-api.ts: drop DEEPLAKE_TRACE_SQL / DEEPLAKE_DEBUG /
DEEPLAKE_QUERY_TIMEOUT_MS fallbacks.
- src/shell/deeplake-shell.ts: drop the DEEPLAKE_* delete-calls in
the one-shot stderr-silence block.
- esbuild.config.mjs: remove the now-unused DEEPLAKE_* define
entries, add defines for the three remaining HIVEMIND_*
bracket-access vars so they're stubbed in the openclaw bundle.
- claude-code/tests/config.test.ts: drop the three DEEPLAKE_*
deprecation/fallback tests and the stderr spy that went with
them. One new test covers HIVEMIND_*-only field overrides.
Openclaw bundle after this change: zero process.env references remain.
Verified locally by installing the new 0.6.44 bundle into
~/.openclaw/extensions/hivemind/ and restarting the gateway:
plugin registers cleanly, no runtime errors.
Conflict: openclaw/package.json + openclaw/openclaw.plugin.json version fields. Resolved by keeping 0.6.44 from this branch (matches the build already published to ClawHub). Main's concurrent 0.6.43 bump is absorbed by the merge.
…ommand handlers
Two fixes for issues surfaced during Telegram e2e:
1. Schema collision. The canonical `sessions` table in some workspaces
pre-dates the `message` JSONB column that both this plugin and the
claude-code/codex hooks now expect. When openclaw lands in such a
workspace, every capture/recall query fails with 'Column does not
exist: column "message" of relation "sessions" does not exist'.
Fix: default openclaw's sessions table to `hivemind_openclaw_sessions`
(namespaced) instead of `sessions`. Users who want to share a table
with CC/Codex can set HIVEMIND_SESSIONS_TABLE=sessions explicitly
(same env var as before). Fresh installs into any workspace now
create openclaw's own table with the correct schema.
2. Silent command-handler failures. /hivemind_switch_workspace,
/hivemind_switch_org, /hivemind_workspaces, /hivemind_orgs all made
API calls (listOrgs/listWorkspaces/switchOrg/switchWorkspace) that
could throw on network or auth errors. An unhandled throw meant the
user got back a generic 'Unknown command' (or no response), with
nothing in the journal to debug.
Fix: wrap each handler body in try/catch. On throw, log the error
via pluginApi.logger.error and return a specific error message to
the user ("Failed to switch workspace: <reason>"). Not-found cases
now also show the list of valid names so the user can pick one
without needing another command.
…to all command handlers" This reverts commit 08ac73b.
…ell CLI entry The PR coverage gate flagged four files touched in this branch: - src/config.ts already hit 100% in an earlier commit. - src/utils/debug.ts: 83% statements, 66% branches. New test file covers utcTimestamp (specific date + default-now) and log() in all three DEBUG states (unset, '0', '1'). Now 100% across all metrics. - src/deeplake-api.ts: 96.9% statements, 88.2% branches. Two new cases extend deeplake-api.test.ts: traceSql writes to stderr when HIVEMIND_TRACE_SQL=1 (and stays silent otherwise), and the hasFreshLookupIndexMarker path where the marker's updatedAt is unparseable forces ensureLookupIndex to run CREATE INDEX again. Now 98.4% statements, 90.75% branches. - src/shell/deeplake-shell.ts: 0% because it's a CLI entry whose main() calls process.exit(). Source-level unit tests don't fit. It already has subprocess-spawn coverage via claude-code/tests/shell-bundle-sql-trace-silence.test.ts, so added to the vitest coverage exclude list with a comment explaining why.
efenocchi
approved these changes
Apr 22, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Re-applies the openclaw plugin coexist-with-memory-core work from PR #66, which was merged and then reverted (see commit 8a94a72). This PR is a
git revertof that revert, bringing the fixes back on top of current main.Closes #66 (the original PR has no diff anymore after the revert).
What this re-applies
openclaw/src/index.ts— removekind: "memory"from export, removeaddToLoadPaths(), add/hivemind_updatecommand with dynamic node:fs import (scanner-safe), alignedinstall→updateverb in logsopenclaw/skills/SKILL.md— disclose credential storage, auto-capture, network destination; single## Commandssection with/hivemind_updateopenclaw/README.md— (new file) coexist callout + troubleshooting for model-ID allowlist, disabledopenclaw modelCLI, telegram-elevated gotchas, EACCES on self-updateREADME.md— OpenClaw Setup section troubleshooting + commands table with/hivemind_updateWhat this does NOT touch
Only the 4 content files above. No version bumps on claude-code, codex, marketplace, or root —
release.ymlwill auto-bump the monorepo on merge (0.6.42 → 0.6.43 expected). Scope is exactly the openclaw plugin.Why coexist matters
OpenClaw's
extensions/memory-coreowns the dreaming cron ("0 3 * * *") and light/REM/deep memory-consolidation phases. Withkind: "memory"present, hivemind stole the singular memory slot and silently killed those jobs. This is the openclaw-sanctioned coexist pattern (same asextensions/memory-wiki, documented indocs/plugins/memory-wiki.md): augment the active memory backend instead of replacing it.Background
kind:"memory"removed in manifest by coincidence of the bump commits, butaddToLoadPathsand the rest of the regressions are present)Test plan
npm run typecheckcleannpm run build— 8 CC + 8 Codex + 1 OpenClaw bundlesnpm test— 918/918 passing across 41 files🤖 Generated with Claude Code